Hi! Im new to elastic search, I wish to send log files from filebeat to logstash. Filebeat log shows connection refused error as follows:
2017-12-07T02:43:07+05:30 ERR Failed to connect: dial tcp 127.0.0.1:9600: connectex: No connection could be made because the target machine actively refused it.
The input block of logstash conf file looks like this:
I doubt that my filebeat is running on 5044. Im not able to figure out the port its running at. Seems like it not the default 5044 port. How do I configure the port for filebeat.exe.
Yes, have already set the multiline grouping in filebeat: Config file looks like this.
#=========================== Filebeat prospectors =============================
filebeat.prospectors:
- input_type: log
paths:
- C:\Users\shreya\Data\mylog.log
document_type: springlog
### Multiline options
# Mutiline can be used for log messages spanning multiple lines. This is common
# for Java Stack Traces or C-Line Continuation
# The regexp Pattern that has to be matched. The example pattern matches all lines starting with [
multiline.pattern: '^\[[0-9]{4}-[0-9]{2}-[0-9]{2}'
# Defines if the pattern set under pattern should be negated or not. Default is false.
multiline.negate: true
# Match can be set to "after" or "before". It is used to define if lines should be append to a pattern
# that was (not) matched before or after or as long as a pattern is not matched based on negate.
# Note: After is the equivalent to previous and before is the equivalent to to next in Logstash
multiline.match: before
#----------------------------- Logstash output --------------------------------
output.logstash:
# The Logstash hosts
hosts: ["localhost:9600"]
#================================ Logging =====================================
logging.level: debug
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.
